1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Add support for HMAC-SHA512.

I saw a post on comp.security.ssh just now where someone had
encountered an SSH server that would _only_ speak that, which makes it
worth bothering to implement.

The totally obvious implementation works, and passes the test cases
from RFC 6234.
This commit is contained in:
Simon Tatham 2023-04-21 20:17:43 +01:00
parent d67c13eeb8
commit b77e985513
6 changed files with 44 additions and 8 deletions

View File

@ -160,6 +160,22 @@ static const char *hmac_text_name(ssh2_mac *mac)
return ctx->text_name->s;
}
static const struct hmac_extra ssh_hmac_sha512_extra = { &ssh_sha512, "" };
const ssh2_macalg ssh_hmac_sha512 = {
.new = hmac_new,
.free = hmac_free,
.setkey = hmac_key,
.start = hmac_start,
.genresult = hmac_genresult,
.next_message = nullmac_next_message,
.text_name = hmac_text_name,
.name = "hmac-sha2-512",
.etm_name = "hmac-sha2-512-etm@openssh.com",
.len = 64,
.keylen = 64,
.extra = &ssh_hmac_sha512_extra,
};
static const struct hmac_extra ssh_hmac_sha256_extra = { &ssh_sha256, "" };
const ssh2_macalg ssh_hmac_sha256 = {
.new = hmac_new,

1
ssh.h
View File

@ -1205,6 +1205,7 @@ extern const ssh2_macalg ssh_hmac_sha1_buggy;
extern const ssh2_macalg ssh_hmac_sha1_96;
extern const ssh2_macalg ssh_hmac_sha1_96_buggy;
extern const ssh2_macalg ssh_hmac_sha256;
extern const ssh2_macalg ssh_hmac_sha512;
extern const ssh2_macalg ssh2_poly1305;
extern const ssh2_macalg ssh2_aesgcm_mac;
extern const ssh2_macalg ssh2_aesgcm_mac_sw;

View File

@ -20,7 +20,8 @@ const struct ssh_signkey_with_user_pref_id ssh2_hostkey_algs[] = {
};
const static ssh2_macalg *const macs[] = {
&ssh_hmac_sha256, &ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
&ssh_hmac_sha512, &ssh_hmac_sha256,
&ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
};
const static ssh2_macalg *const buggymacs[] = {
&ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5

View File

@ -3579,30 +3579,41 @@ class standard_test_vectors(MyTestBase):
def testHmacSHA(self):
# Test cases from RFC 6234 section 8.5.
def vector(key, message, s1=None, s256=None):
def vector(key, message, s1=None, s256=None, s512=None):
if s1 is not None:
self.assertEqualBin(
mac_str('hmac_sha1', key, message), unhex(s1))
if s256 is not None:
self.assertEqualBin(
mac_str('hmac_sha256', key, message), unhex(s256))
if s512 is not None:
self.assertEqualBin(
mac_str('hmac_sha512', key, message), unhex(s512))
vector(
unhex("0b"*20), "Hi There",
"b617318655057264e28bc0b6fb378c8ef146be00",
"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7")
"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7",
"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cde"
"daa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854")
vector(
"Jefe", "what do ya want for nothing?",
"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79",
"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843")
"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843",
"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea250554"
"9758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737")
vector(
unhex("aa"*20), unhex('dd'*50),
"125d7342b9ac11cd91a39af48aa17b4f63f175d3",
"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565FE")
"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565FE",
"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39"
"bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb")
vector(
unhex("0102030405060708090a0b0c0d0e0f10111213141516171819"),
unhex("cd"*50),
"4c9007f4026250c6bc8414f9bf50c86c2d7235da",
"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b")
"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b",
"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3db"
"a91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd")
vector(
unhex("aa"*80),
"Test Using Larger Than Block-Size Key - Hash Key First",
@ -3611,7 +3622,9 @@ class standard_test_vectors(MyTestBase):
unhex("aa"*131),
"Test Using Larger Than Block-Size Key - Hash Key First",
s256="60e431591ee0b67f0d8a26aacbf5b77f"
"8e0bc6213728c5140546040f0ee37f54")
"8e0bc6213728c5140546040f0ee37f54", s512=
"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f352"
"6b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598")
vector(
unhex("aa"*80),
"Test Using Larger Than Block-Size Key and "
@ -3622,7 +3635,10 @@ class standard_test_vectors(MyTestBase):
"This is a test using a larger than block-size key and a "
"larger than block-size data. The key needs to be hashed "
"before being used by the HMAC algorithm.",
s256="9B09FFA71B942FCB27635FBCD5B0E944BFDC63644F0713938A7F51535C3A35E2")
s256="9b09ffa71b942fcb27635fbcd5b0e944"
"bfdc63644f0713938a7f51535c3a35e2", s512=
"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944"
"b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58")
def testEd25519(self):
def vector(privkey, pubkey, message, signature):

View File

@ -35,6 +35,7 @@ BEGIN_ENUM_TYPE(macalg)
ENUM_VALUE("hmac_sha1_96", &ssh_hmac_sha1_96)
ENUM_VALUE("hmac_sha1_96_buggy", &ssh_hmac_sha1_96_buggy)
ENUM_VALUE("hmac_sha256", &ssh_hmac_sha256)
ENUM_VALUE("hmac_sha512", &ssh_hmac_sha512)
ENUM_VALUE("poly1305", &ssh2_poly1305)
ENUM_VALUE("aesgcm", &ssh2_aesgcm_mac)
ENUM_VALUE("aesgcm", &ssh2_aesgcm_mac)

View File

@ -339,6 +339,7 @@ VOLATILE_WRAPPED_DEFN(static, size_t, looplimit, (size_t x))
X(Y, ssh_hmac_sha1_96) \
X(Y, ssh_hmac_sha1_96_buggy) \
X(Y, ssh_hmac_sha256) \
X(Y, ssh_hmac_sha512) \
/* end of list */
#define ALL_MACS(X, Y) \